METHOD AND SYSTEM FOR WIRELESSLY MANAGING THE OPERATION OF A NETWORK APPLIANCE OVER A LIMITED DISTANCE

Description

Field of the Invention

[0001] The present invention relates to managing the operation of an appliance on a network, and more particularly to employing a secure wireless connection with relatively limited range to facilitate the management of the appliance.

Background of the Invention

[0002] Network appliances such as routers, hubs, firewalls, file servers, and the like, are often disposed in a physical location such as a data center where access is typically restricted to authorized personnel. To increase the number of network appliances that can be located in a data center, several network appliances may be positioned in a vertical rack and several of these racks are often disposed in the data center. Also, a cable that is directly connected to some computing device such as a desktop computer or a notebook computer or a wired network interface such as Ethernet is typically employed for configuring and/or managing the operation of each network appliance.

[0003] Additionally, since physical access in a data center to a network appliance is often difficult due to space constraints, it is often difficult to identify a particular network appliance and install a separate cable for configuring and/or managing its operation.

[0004] Hartwig S et al "Wireless Microsenrers", IEEE Pervasive Computing, IEEE Service Center, Los Alamitos, CA, US, vol.1, no.2, 1 April 2002, pages 58 to 66 describes a home bus, a node of which may be a wireless server for facilitating communication between a mobile device and the bus.

[0005] According to a first aspect there is provided a method for enabling management of a network appliance with a mobile node, the method comprising enabling the network appliance to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power; when the mobile node receives the beacon, enabling the mobile node to pair with the network appliance; when the mobile node is paired with the network appliance, pushing an application from the mobile node to the network appliance; and enabling the mobile node to wirelessly communicate at least one management operation to the pushed application over a short distance, wherein the management operation is provided to the network appliance for execution; wherein enabling the mobile node to wirelessly communicate with the network appliance further comprises authenticating an operator of the mobile node.

[0006] According to a second aspect there is provided a system for enabling management of a network appliance with a mobile node, the system comprising a first wireless interface (BT) that is included with the network appliance and is configured to enable the network appliance to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power; a second wireless interface that is included with the mobile node, wherein when the mobile node receives the beacon, the second wireless interface is configured to enable the mobile node to pair with the network appliance, and wherein the mobile node is configured to push an application to the network appliance, the application being configured to enable the mobile node to wirelessly communicate at least one management operation over a short distance to the network appliance, and authenticate an operator of the mobile node, wherein the management operation is provided to the network appliance for execution.

[0007] According to a third aspect there is provided an apparatus for enabling management of a network appliance with a mobile node, the apparatus comprising a wireless interface that is included with the network appliance and is configured to enable the network appliance to perform actions, including: providing a beacon, wherein the beacon is created by a radio signal that is generated with low power; when the mobile node receives the beacon, enabling the mobile node to pair with the network appliance, and enabling an application that is pushed from the mobile node to be received by the network appliance, wherein the received application is configured to enable the mobile node to wirelessly communicate at least one management operation over a short distance to the network appliance, authenticate an operator of the mobile node and wherein the management operation is provided to the network appliance for execution.

[0008] According to a fourth aspect there is provided a computer readable media, tangibly embodying instructions to perform actions, the actions comprising: enabling a network appliance to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power; when a mobile node receives the beacon, enabling the mobile node to pair with the network appliance; when the mobile node is paired with the network appliance, means for pushing an application from the mobile node to the network appliance; and enabling the mobile node to wirelessly communicate at least one management operation to the pushed application over a short distance, wherein the management operation is provided to the network appliance for execution; wherein enabling the mobile node to wirelessly communicate with the network appliance, further comprises authenticating an operator of the mobile node.

Brief Description of the Drawings

[0009] 

FIG. 1 illustrates a schematic diagram of an exemplary system for enabling a mobile node to wirelessly communicate with network appliances;

FIG. 2 shows a schematic diagram of an exemplary network appliance;

FIGURE 3 shows a system diagram of exemplary communication paths between a network appliance and a computer and a mobile node; and

FIGURE 4 shows a flow diagram, in accordance with the present invention.

Detailed Description of the Preferred Embodiment

[0010] In the following detailed description of exemplary embodiments of the invention, reference is made to the accompanied drawings, which form a part hereof, and which is shown by way of illustration, specific exemplary embodiments of which the invention may be practiced. Each embodiment is described in sufficient detail to enable those skilled in the art to practice the invention, and it is to be understood that other embodiments may be utilized, and other changes may be made, without departing from the spirit or scope of the present invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is defined only by the appended claims.

[0011] Throughout the specification and claims, the following terms take the meanings explicitly associated herein, unless the context clearly dictates otherwise. The term "packet" refers to an IP packet. The term "flow" means a flow of packets. The term "connection" refers to a flow or flows of packets that share a common path. The term "n ode" refers t o a network element t hat interconnects one or m ore networks or devices. The term "user" refers to any person or customer such as a business or organization that employs a device to communicate or access resources over a network. The term "operator" refers to any technician or organization that maintains or services a packet-based network.

[0012] The term "network appliance" means a computing device that is coupled to a network and is designed to perform at least one function relating to the network. Exemplary network appliances include, but are not limited to, routers, switches, firewalls, content filters, file servers, network traffic load balancers, hubs, and the like.

[0013] The term "router" refers to a dedicated network element that receives packets and forwards them to their destination. In particular, a router is used to extend or segment networks by forwarding packets from one logical network to another. A router typically operates at layer 3 and below of the Open Systems Interconnection (OSI) reference model for networking. However, some routers can provide additional functionality that operates above layer 3 of the OSI reference model.

[0014] The term "core network" refers to any packet switched digital network. For example, Frame Relay, Asynchronous Transfer Mode (ATM) and Switched Megabit Data Service, and the like.

[0015] Referring to the drawings, like numbers indicate like parts throughout the views. Additionally, a reference to the singular includes a reference to the plural unless otherwise stated or is inconsistent with the disclosure herein.

[0016] A method, apparatus and system is provided for providing a communication interface in a network appliance that enables secure wireless management of the network appliance over a relatively limited (short) distance with a mobile node. The operator of the mobile node is authenticated and communication between the network appliance and the mobile node is encrypted. Even if an unauthorized person was able to be positioned in relatively close proximity to a network appliance such as within the physical confines of a data center, these authentication and encryption measures would make it extremely difficult for unauthorized wireless management of the operation of the network appliance.

[0017] It is understood that managing the operation of a network appliance can include one or more actions including, but not limited to, configuration, load balancing, IP address assignment, metrics, updates, maintenance, security, and the like.

[0018] In one embodiment, the exemplary communication interface enables communication between a network appliance and a computing device with a secure and relatively low power wireless communication protocol, such as provided by the Bluetooth specification.

[0019] Bluetooth is a specification for using low-power radio to link mobile devices and computers over short distances without wires. The name "Bluetooth" is borrowed from Harald Bluetooth, who was a king in Denmark more than 1,000 years ago. The name was chosen in part to reflect the relatively important role that Scandinavian countries play in the wireless communication industry.

[0020] Bluetooth devices establish a network that uses a dynamic topology called a piconet or personal area network (PAN) for sharing a common communication channel with a total capacity of 1 megabit per second. Each piconet can include a minimum of two and a maximum of eight Bluetooth peer devices. Bluetooth technology uses low power (1 milliwatt) to transmit radio signals over a relatively short distance, typically no more than 30 feet (10 meters). By comparison, many mobile telephones transmit a radio signal at three watts.

[0021] The Bluetooth specification, developed by an industry consortium, specifies spread spectrum frequency hopping in the 2.4 Giga hertz range for radio signals, the same range used by the IEEE 802.11b protocol. However, even with relatively low power, a Bluetooth signal can still enable communication between several devices in different rooms that are physically positioned no more than 10 meters away from each other.

[0022] Bluetooth provides link-layer encryption and can establish an encrypted link between two Bluetooth devices. Bluetooth can establish link encryption between two devices when a symmetric encryption key is created in both of them. This process, called pairing, uses a shared secret known as a PIN that is passed out-of-band, as opposed to over a Bluetooth channel. The shared symmetric encryption keys are then created and exchanged in a secure manner with the use of the PIN. This pairing process can be classified as a key management or a key-exchange mechanism.

[0023] Bluetooth authentication verifies that the other device has the same encryption key before enabling encryption on the connection. This is a connection-management issue designed to prevent the confusion that would result if the nodes on the connection used different encryption keys.

Illustrative Operating Environment

[0024] With reference to FIGURE 1, an exemplary network system in which the invention may operate is illustrated. As shown in the figure, exemplary network system 100 includes mobile node (MN) 105, radio access network (RAN) 110, gateway 135, network appliance 125_A-J and wide area network (WAN)/local area network (LAN) 140. Typically, the network appliances for RAN 110, gateway 135 and WAN 140 would be disposed in one or more data centers w here proximity and access to their respective network appliances would be limited to authorized personnel, such as system administrators, technicians, and the like.

[0025] Mobile node 105 is arranged to enable wireless communication with each network appliance that includes a wireless module (BT) 145. Each BT 145 is arranged to support a secure wireless protocol that enables communication over a relatively short distance, such as the Bluetooth protocol, and the like. Due in part to this relatively limited distance and restricted access to a typical data center, mobile node 105 wirelessly communicates with a network appliance from a position either within the data center or in a secure area that is known to the operator of the data center. Also, the limited distance/range for wirelessly communicating with the network appliance doesn't prevent authorized personnel from wireless communicating with a network appliance, but it can prevent an unauthorized person that is positioned outside the data center from doing so.

[0026] Generally, MN 105 may include any device capable of communicating with BT 145. Such devices include cellular telephones, smart phones, pagers, radio frequency (RF) communication devices, integrated devices combining one or more of the preceding devices, and the like. MN 105 may also include other devices that have a wireless interface such as Personal Digital Assistants (PDAs), handheld computers, personal computers, multiprocessor systems, microprocessor-based or programmable consumer electronics, network PCs, wearable computers, and the like.

[0027] RAN 110 may include both wireless and wired components. For example, RAN 110 may include a cellular tower that is linked to a wired telephone network. Typically, the cellular tower carries communication to and from cell phones, pagers, and other wireless devices, and the wired telephone network carries communication to regular phones, long-distance communication links, and the like. RAN 110 may include network devices, such as network appliances 125_A-D, as shown in the figure. Generally, at least because network appliances 125_A-J are coupled to a network, they are vulnerable to security breaches, such as invasion by unauthorized processes and management by unauthorized persons.

[0028] RAN 110 is coupled to WAN/LAN 140 through gateway 135. Gateway 135 routes information between RAN 110 and WAN/LAN 140. For example, a mobile node, such as MN 105, may request access to the Internet by calling a certain number or tuning to a particular frequency. Upon receipt of the request, RAN 110 is configured to pass information between MN 105 and gateway 135. Gateway 135 may translate requests from MN 105 to a specific protocol, such as hypertext transfer protocol (HTTP) messages, and then send the messages to WAN/LAN 140. Gateway 135 translates responses to such messages into a form compatible with the requesting mobile node. Gateway 135 may also transform other messages sent from MN 105 into information suitable for WAN/LAN 140, such as e-mail, audio, voice communication, contact databases, calendars, appointments, and the like. As shown in the figure, gateway 135 may include network devices, such as network appliances 125_E-F that include wireless module BT 145.

[0029] WAN/LAN 140 is an IP packet based backbone network that transmits information between computing devices. One example of WAN is the Internet. An example of a LAN is a network used to connect computers in an office or a home. A WAN may connect multiple LANs. As shown in the figure, WAN/LAN 140 may include network devices, such as network appliances 125_G-J that may also include wireless module BT 145.

[0030] Communication links within LANs typically include twisted wire pair, fiber optics, or coaxial cable, while communication links between networks may utilize analog telephone lines, full or fractional dedicated digital lines including T1, T2, T3, and T4, Integrated Services Digital Networks (ISDNs), Digital Subscriber Lines (DSLs), wireless links, or other communications links.

[0031] Network system 100 may include many more components than those shown in FIGURE 1. However, the components shown are sufficient to disclose an illustrative embodiment for practicing the present invention.

[0032] The media used to transmit information in the communication links as described above illustrates one type of computer-readable media, namely communication media. Generally, computer-readable media includes any media that can be accessed by a computing device. Communication media typically embodies computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed ins such a manner as to encode information in the signal. By way of example, communication media includes wired media such as twisted pair, coaxial cable, fiber optics, wave guides, and other wired media and wireless media such as acoustic, RF, infrared, and other wireless media.

[0033] FIGURE 2 illustrates a schematic diagram that shows an exemplary network appliance. Network appliance 200 may include many more components than those shown in FIGURE 2. However, the components shown are sufficient to disclose an illustrative embodiment for practicing the present invention.

[0034] As shown in FIGURE 2, network appliance 200 may be coupled to RAN 105 or WAN/LAN 140, or other communications network, via network interface unit 210. Network interface unit 210 includes the necessary circuitry and protocols for coupling network appliance 200 to RAN 105 or WAN/LAN 140. Typically, there is one network interface unit 210 provided for each network coupled to network appliance 200.

[0035] Network appliance 200 also includes processing unit 212, and a mass memory, all connected via bus 222. The mass memory generally includes RAM 216, ROM 232, and optionally, one or more permanent mass storage devices, such as hard disk drive 228, and/or a tape drive, CD-ROM/DVD-ROM drive, floppy disk drive, and the like. The mass memory stores operating system 220 for controlling the operation of network appliance 200. This component may comprise a general purpose operating system 220, or the operating system may be specialized to support the specific functions of network appliance 200. Additionally, input/output interface 242 enables wired devices to communicate with network appliance 200, such devices include, but are not limited to, keyboards, pointing devices, displays, printers, and the like. Furthermore, wireless communication unit 240 enables wireless communication over a limited distance with a mobile node (not shown).

[0036] The mass memory as described above illustrates another type of computer-readable media, namely computer storage media. Computer storage media may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules or other data. Examples of computer storage media include RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computing device.

[0037] The mass memory also stores program code and data for wireless communication protocol 230, and other programs 234 such as programs that enable network appliance 200 to perform its functions. Wireless communication protocol program 230 enables network appliance 200 to securely employ wireless interface unit 240 for wireless communication over a relatively short distance with a mobile node (not shown).

Illustrative System Diagram

[0038] FIGURE 3 illustrates an over view 300 of an exemplary system where network appliance 302 is capable of communicating with computer 304 by two separate communication channels, network cable 310 and point to point cable 308. Typically, communication over network cable 310 is enabled by a protocol such as Ethernet and security is provided with a secure sockets layer (SSL), and the like. Also, multiple network appliances in a data center may be logically connected to network cable 310. Point to point cable 308 enables direct communication between computer 304 and network appliance 302 with at least one serial or parallel interface, including, but not limited to, USB, Firewire, RS 232, RS 485, IEEE 488, and the like.

[0039] As shown, mobile node 306 includes wireless interface unit (BT) 314 that can wirelessly communicate with wireless interface unit (BT) 312, which is included with network appliance 302. Mobile node 314 enables authorized personnel to wirelessly manage the operation of network appliance 302.

Illustrative Flow Diagram

[0040] FIGURE 4 illustrates an exemplary flow chart for enabling a mobile node to wirelessly configure/manage the operation of a network appliance. Moving from a start block, the process advances to block 402 where the network appliance broadcasts a beacon over a relatively short distance, e.g., ten meters. The beacon broadcast may occur under various conditions, including, but not limited to, reset, error, maintenance, and the initial setup of the network appliance.

[0041] Moving to block 404, the network appliance pairs with the mobile node after determining that the mobile node is authenticated for wireless communication with the network appliance. In some cases, an initial code that was provided to the mobile node out of band such as the serial number of the network appliance may be used for authentication. At some later date, the system administrator could change this initial code to some other value.

[0042] Next, from the mobile node an application is pushed to the network appliance. The pushed application may be provided in various formats, including, but not limited to, a binary file, script, JAVA application, and the like. Once the application is installed on the network appliance, the process steps to block 408 where an authorized operator of the mobile node can employ an application to securely manage the operation of the network appliance over the paired wireless communication link.

[0043] In one embodiment, the network appliance may provide the mobile node with a profile that can include, but is not limited to, a location identification number, IP address, type of the network appliance, and the like. Additionally, the communication between the paired mobile node and network appliance is encrypted to further prevent unauthorized management of the network appliance. Also, the mobile node may provide an application such as a browser application, JAVA application, and the like, to control the application pushed to the network appliance. Next, the process advances to an end block and continues processing other actions.

[0044] The above specification, examples and data provide a complete description of the manufacture and use of the composition of the invention. Since many embodiments of the invention can be made without departing from the scope of the invention, the invention resides in the claims hereinafter appended.

Claims

1. A method for enabling management of a network appliance (125) with a mobile node (105), the method comprising
enabling the network appliance (125) to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power;
when the mobile node (105) receives the beacon, enabling the mobile node (105) to pair with the network appliance (125);
when the mobile node (105) is paired with the network appliance (125), pushing an application from the mobile node (105) to the network appliance (125); and
enabling the mobile node (105) to wirelessly communicate at least one management operation to the pushed application over a short distance, wherein the management operation is provided to the network appliance for execution;
wherein enabling the mobile node (105) to wirelessly communicate with the network appliance (125) further comprises authenticating an operator of the mobile node.

2. The method of claim 1, wherein the pushed application is at least one of a JAVA application, binary file, and script.

3. The method of claim 1, wherein the radio signal is generated with approximately one milliwatt of power.

4. The method of claim 1, wherein the short distance is approximately 10 meters.

5. The method of claim 1, wherein the wireless communication is based on a Bluetooth specification.

6. The method of claim 1, wherein the network appliance (125) further comprises at least one of a router, switch, firewall, content filter, file server, load balancer, and hub.

7. The method of claim 1, wherein the mobile node (105) further comprises at least one of a cellular telephone, smart phone, pager, radio frequency (RF) communication device, Personal Digital Assistant (PDA), handheld computer, laptop computer, personal computer, multiprocessor system, microprocessor-based consumer electronic device, programmable consumer device, network PC, and wearable computer.

8. The method of claim 1, wherein the managing of the operation of the network appliance (125) further comprises providing at least one operation, including configuration, load balancing, IP address assignment, metric collection, metric analysis, updates, maintenance, and security measures.

9. A system for enabling management of a network appliance with a mobile node, the system comprising
a first wireless interface (BT) that is included with the network appliance (125) and is configured to enable the network appliance to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power;
a second wireless interface that is included with the mobile node (105), wherein when the mobile node receives the beacon, the second wireless interface is configured to enable the mobile node to pair with the network appliance, and
wherein the mobile node (105) is configured to push an application to the network appliance (125), the application being configured to enable the mobile node to wirelessly communicate at least one management operation over a short distance to the network appliance, and authenticate an operator of the mobile node, wherein the management operation is provided to the network appliance for execution.

10. The system of claim 9, wherein the pushed application is at least one of a JAVA application, binary file, and script.

11. The system of claim 9, wherein the wireless communication is based on a Bluetooth specification.

12. The system of claim 9, wherein the managing of the operation of the network appliance (125) further comprises providing at least one operation for execution, including configuration, load balancing, IP address assignment, metric collection, metric analysis, updates, maintenance, and security measures.

13. An apparatus for enabling management of a network appliance (125) with a mobile node, the apparatus comprising
a wireless interface that is included with the network appliance (125) and is configured to enable the network appliance to perform actions, including:

providing a beacon, wherein the beacon is created by a radio signal that is generated with low power;

when the mobile node (105) receives the beacon, enabling the mobile node to pair with the network appliance, and

enabling an application that is pushed from the mobile node (105) to be received by the network appliance, wherein the received application is configured to enable the mobile node to wirelessly communicate at least one management operation over a short distance to the network appliance, authenticate an operator of the mobile node and wherein the management operation is provided to the network appliance for execution.

14. The apparatus of claim 13, wherein the pushed application is at least one of a JAVA application, binary file, and script.

15. The apparatus of claim 13, wherein the wireless communication is based on a Bluetooth specification.

16. The apparatus of claim 13, wherein the managing of the operation of the network appliance further comprises providing at least one operation for execution, including configuration, load balancing, IP address assignment, metric collection, metric analysis, updates, maintenance, and security measures.

17. A computer readable media, tangibly embodying instructions to perform actions, the actions comprising:

enabling a network appliance (125) to provide a beacon, wherein the beacon is created by a radio signal that is generated with low power;

when a mobile node (105) receives the beacon, enabling the mobile node to pair with the network appliance;

when the mobile node (105) is paired with the network appliance (125), means for pushing an application from the mobile node to the network appliance; and

enabling the mobile node (105) to wirelessly communicate at least one management operation to the pushed application over a short distance, wherein the management operation is provided to the network appliance (125) for execution; wherein enabling the mobile node (105) to wirelessly communicate with the network appliance (125), further comprises authenticating an operator of the mobile node.

Ansprüche

1. Verfahren zum Ermöglichen der Verwaltung einer Netzeinrichtung (125) mit einem mobilen Knoten (105), wobei das Verfahren Folgendes umfasst:

Ermöglichen, dass die Netzeinrichtung (125) ein Beacon bereitstellt, wobei das Beacon durch ein Funksignal erzeugt wird, das mit geringer Leistung generiert wird;

wenn der mobile Knoten (105) das Beacon empfängt, Ermöglichen, dass der mobile Knoten (105) mit der Netzeinrichtung (125) gepaart wird;

wenn der mobile Knoten (105) mit der Netzeinrichtung (125) gepaart wird, Senden einer Anwendung vom mobilen Knoten (105) an die Netzeinrichtung (125) im Pushverfahren; und

Ermöglichen, dass der mobile Knoten (105) mindestens einen Verwaltungsbetriebsvorgang über eine kurze Distanz drahtlos an die im Pushverfahren gesendete Anwendung kommuniziert, wobei der Verwaltungsbetriebsvorgang für die Netzeinrichtung zur Ausführung bereitgestellt wird;

wobei das Ermöglichen, dass der mobile Knoten (105) drahtlos mit der Netzeinrichtung (125) kommuniziert, ferner Authentifizieren eines Betreibers des mobilen Knotens umfasst.

2. Verfahren nach Anspruch 1, wobei die im Pushverfahren gesendete Anwendung eine JAVA-Anwendung und/oder eine Binärdatei und/oder ein Skript ist.

3. Verfahren nach Anspruch 1, wobei das Funksignal mit ungefähr einem Milliwatt Leistung generiert wird.

4. Verfahren nach Anspruch 1, wobei die kurze Distanz ungefähr 10 Meter beträgt.

5. Verfahren nach Anspruch 1, wobei die drahtlose Kommunikation auf einer Bluetooth-Spezifikation basiert.

6. Verfahren nach Anspruch 1, wobei die Netzeinrichtung (125) ferner einen Router und/oder einen Switch und/oder eine Firewall und/oder einen Inhaltsfilter und/oder einen Dateiserver und/oder einen Lastausgleicher und/oder einen Hub umfasst.

7. Verfahren nach Anspruch 1, wobei der mobile Knoten (105) ferner ein Mobilfunktelefon und/oder ein Smartphone und/oder einen Pager und/oder eine Hochfrequenz(HF)-Kommunikationseinrichtung und/oder einen Personal Digital Assistant (PDA) und/oder einen Handheld-Computer und/oder einen Laptop-Computer und/oder einen Personal Computer und/oder ein Mehrprozessorsystem und/oder ein mikroprozessorbasiertes Gerät der Unterhaltungselektronik und/oder ein programmierbares Endverbrauchergerät und/oder einen Netzwerk-PC und/oder einen Wearable Computer umfasst.

8. Verfahren nach Anspruch 1, wobei das Verwalten des Betriebs der Netzeinrichtung (125) ferner Bereitstellen mindestens eines Betriebsvorgangs umfasst, der Konfigurationen, Lastausgleiche, IP-Adresszuweisungen, Metrikerfassungen, Metrikanalysen, Aktualisierungen, Wartungen und Sicherheitsmaßnahmen enthält.

9. System zum Ermöglichen der Verwaltung einer Netzeinrichtung mit einem mobilen Knoten, wobei das System Folgendes umfasst:

eine erste Drahtlosschnittstelle (BT), die in der Netzeinrichtung (125) enthalten und konfiguriert ist, um zu ermöglichen, dass die Netzeinrichtung ein Beacon bereitstellt, wobei das Beacon durch ein Funksignal erzeugt wird, das mit geringer Leistung generiert wird;

eine zweite Drahtlosschnittstelle, die im mobilen Knoten (105) enthalten ist, wobei die zweite Drahtlosschnittstelle, wenn der mobile Knoten das Beacon empfängt, konfiguriert ist, um zu ermöglichen, dass der mobile Knoten mit der Netzeinrichtung gepaart wird, und

wobei der mobile Knoten (105) konfiguriert ist, um eine Anwendung im Pushverfahren an die Netzeinrichtung (125) zu senden, wobei die Anwendung konfiguriert ist, um zu ermöglichen, dass der mobile Knoten mindestens einen Verwaltungsbetriebsvorgang über eine kurze Distanz drahtlos an die Netzeinrichtung kommuniziert, und einen Betreiber des mobilen Knotens zu authentifizieren, wobei der Verwaltungsbetriebsvorgang für die Netzeinrichtung zur Ausführung bereitgestellt wird.

10. System nach Anspruch 9, wobei die im Pushverfahren gesendete Anwendung eine JAVA-Anwendung und/oder eine Binärdatei und/oder ein Skript ist.

11. System nach Anspruch 9, wobei die drahtlose Kommunikation auf einer Bluetooth-Spezifikation basiert.

12. System nach Anspruch 9, wobei das Verwalten des Betriebs der Netzeinrichtung (125) ferner Bereitstellen mindestens eines Betriebsvorgangs zur Ausführung umfasst, der Konfigurationen, Lastausgleiche, IP-Adresszuweisungen, Metrikerfassungen, Metrikanalysen, Aktualisierungen, Wartungen und Sicherheitsmaßnahmen enthält.

13. Gerät zum Ermöglichen der Verwaltung einer Netzeinrichtung (125) mit einem mobilen Knoten, wobei das Gerät Folgendes umfasst:

eine Drahtlosschnittstelle, die in der Netzeinrichtung (125) enthalten und konfiguriert ist, um zu ermöglichen, dass die Netzeinrichtung Aktionen durchführt, die Folgendes enthalten:

Bereitstellen eines Beacons, wobei das Beacon durch ein Funksignal erzeugt wird, das mit geringer Leistung generiert wird;

wenn der mobile Knoten (105) das Beacon empfängt, Ermöglichen, dass der mobile Knoten mit der Netzeinrichtung gepaart wird, und

Ermöglichen, dass eine Anwendung, die im Pushverfahren vom mobilen Knoten (105) gesendet wird, durch die Netzeinrichtung empfangen wird, wobei die empfangene Anwendung konfiguriert ist, um zu ermöglichen, dass der mobile Knoten mindestens einen Verwaltungsbetriebsvorgang über eine kurze Distanz drahtlos an die Netzeinrichtung kommuniziert, und einen Betreiber des mobilen Knotens zu authentifizieren, und wobei der Verwaltungsbetriebsvorgang für die Netzeinrichtung zur Ausführung bereitgestellt wird.

14. Gerät nach Anspruch 13, wobei die im Pushverfahren gesendete Anwendung eine JAVA-Anwendung und/oder eine Binärdatei und/oder ein Skript ist.

15. Gerät nach Anspruch 13, wobei die drahtlose Kommunikation auf einer Bluetooth-Spezifikation basiert.

16. Gerät nach Anspruch 13, wobei das Verwalten des Betriebs der Netzeinrichtung ferner Bereitstellen mindestens eines Betriebsvorgangs zur Ausführung umfasst, der Konfigurationen, Lastausgleiche, IP-Adresszuweisungen, Metrikerfassungen, Metrikanalysen, Aktualisierungen, Wartungen und Sicherheitsmaßnahmen enthält.

17. Computerlesbares Medium, das konkret Befehle zum Durchführen von Aktionen darstellt, wobei die Aktionen Folgendes umfassen:

Ermöglichen, dass eine Netzeinrichtung (125) ein Beacon bereitstellt, wobei das Beacon durch ein Funksignal erzeugt wird, das mit geringer Leistung generiert wird;

wenn ein mobiler Knoten (105) das Beacon empfängt, Ermöglichen, dass der mobile Knoten mit der Netzeinrichtung gepaart wird;

wenn der mobile Knoten (105) mit der Netzeinrichtung (125) gepaart wird, Mittel zum Senden einer Anwendung vom mobilen Knoten an die Netzeinrichtung im Pushverfahren; und

Ermöglichen, dass der mobile Knoten (105) mindestens einen Verwaltungsbetriebsvorgang über eine kurze Distanz drahtlos an die im Pushverfahren gesendete Anwendung kommuniziert, wobei der Verwaltungsbetriebsvorgang für die Netzeinrichtung (125) zur Ausführung bereitgestellt wird; wobei das Ermöglichen, dass der mobile Knoten (105) drahtlos mit der Netzeinrichtung (125) kommuniziert, ferner Authentifizieren eines Betreibers des mobilen Knotens umfasst.

Revendications

1. Procédé permettant de gérer un appareil réseau (125) avec un noeud mobile (105), lequel procédé consiste à :

- permettre à l'appareil réseau (125) de fournir une balise, la balise étant créée par un signal radio généré à faible puissance ;

- lorsque le noeud mobile (105) reçoit la balise, permettre au noeud mobile (105) de s'apparier à l'appareil réseau (125) ;

- lorsque le noeud mobile (105) est apparié à l'appareil réseau (125), mettre en avant une application du noeud mobile (105) vers l'appareil réseau (125) ; et

- permettre au noeud mobile (105) de communiquer sans fil au moins une opération de gestion vers l'application mise en avant à une courte distance, l'opération de gestion étant fournie à l'appareil réseau en vue de l'exécution ;

- dans lequel le fait de permettre au noeud mobile (105) de communiquer sans fil avec l'appareil réseau (125) consiste en outre à authentifier un opérateur du noeud mobile.

2. Procédé selon la revendication 1, dans lequel l'application mise en avant est l'un(e) au moins d'une application JAVA, d'un fichier binaire et d'un script.

3. Procédé selon la revendication 1, dans lequel le signal radio est généré à une puissance d'environ 1 milliwatt.

4. Procédé selon la revendication 1, dans lequel la distance courte est d'environ 10 mètres.

5. Procédé selon la revendication 1, dans lequel la communication sans fil repose sur une spécification Bluetooth.

6. Procédé selon la revendication 1, dans lequel l'appareil réseau (125) comprend en outre l'un au moins d'un routeur, d'un commutateur, d'un pare-feu, d'un filtre de contenu, d'un serveur de fichiers, d'un équilibrage de charge et d'un concentrateur.

7. Procédé selon la revendication 1, dans lequel le noeud mobile (105) comprend en outre l'un au moins d'un téléphone cellulaire, d'un téléphone intelligent, d'un appareil de radiomessagerie, d'un dispositif de communication radiofréquence, d'un assistant numérique personnel (PDA), d'un ordinateur de poche, d'un ordinateur portable, d'un ordinateur personnel, d'un système multiprocesseur, d'un dispositif électronique de consommateur à base de microprocesseur, d'un dispositif de consommateur programmable, d'un PC réseau et d'un ordinateur vestimentaire.

8. Procédé selon la revendication 1, dans lequel la gestion de l'opération de l'appareil réseau (125) consiste en outre à fournir au moins une opération, y compris une configuration, un équilibrage de charge, une attribution d'adresse IP, une collection de mesures, une analyse de mesures, des mises à jour, un entretien, et des mesures de sécurité.

9. Système pour permettre la gestion d'un appareil réseau avec un noeud mobile, lequel système comprend :

- une première interface sans fil (BT) comprise dans l'appareil réseau (125) et conçue pour permettre à l'appareil réseau de fournir une balise, la balise étant créée par un signal radio généré à faible puissance ;

- une seconde interface sans fil comprise dans le noeud mobile (105), dans lequel lorsque le noeud mobile reçoit la balise, la seconde interface sans fil est conçue pour permettre au noeud mobile de s'apparier à l'appareil réseau ; et

- dans lequel le noeud mobile (105) est conçu pour mettre en avant une application vers l'appareil réseau (125), l'application étant conçue pour permettre au noeud mobile de communiquer sans fil au moins une opération de gestion sur une courte distance vers l'appareil réseau, et authentifier un opérateur du noeud mobile, l'opération de gestion étant fournie à l'appareil réseau en vue de l'exécution.

10. Système selon la revendication 9, dans lequel l'application mise en avant est l'un(e) au moins d'une application JAVA, d'un fichier binaire et d'un script.

11. Système selon la revendication 9, dans lequel la communication sans fil repose sur une spécification Bluetooth.

12. Système selon la revendication 9, dans lequel la gestion de l'opération de l'appareil réseau (125) consiste en outre à fournir au moins une opération en vue de l'exécution, y compris une configuration, un équilibrage de charge, une attribution d'adresse IP, une collection de mesures, une analyse de mesures, des mises à jour, un entretien, et des mesures de sécurité.

13. Appareil pour permettre la gestion d'un appareil réseau (125) avec un noeud mobile, lequel appareil comprend :

- une interface sans fil comprise dans l'appareil réseau (125) et conçue pour permettre à l'appareil réseau d'effectuer des actions, comprenant :

- fournir une balise, la balise étant créée par un signal radio généré à faible puissance ;

- lorsque le noeud mobile (105) reçoit la balise, permettre au noeud mobile de s'apparier à l'appareil réseau ; et

- permettre à une application qui est mise en avant depuis le noeud mobile (105) d'être reçue par l'appareil réseau, laquelle application reçue est configurée pour permettre au noeud mobile de communiquer sans fil au moins une opération de gestion sur une courte distance vers l'appareil réseau, et authentifier un opérateur du noeud mobile, et l'opération de gestion étant fournie à l'appareil réseau en vue de l'exécution.

14. Appareil selon la revendication 13, dans lequel l'application mise en avant est l'un(e) au moins d'une application JAVA, d'un fichier binaire et d'un script.

15. Appareil selon la revendication 13, dans lequel la communication sans fil repose sur une spécification Bluetooth.

16. Appareil selon la revendication 13, dans lequel la gestion de l'opération de l'appareil réseau consiste en outre à fournir au moins opération en vue de l'exécution, comprenant une configuration, un équilibrage de charge, une attribution d'adresse IP, une collection de mesures, une analyse de mesures, des mises à jour, un entretien, et des mesures de sécurité.

17. Support lisible par ordinateur mettant en oeuvre tangiblement des instructions pour effectuer des actions, les actions comprenant :

- permettre à un appareil réseau (125) de fournir une balise, la balise étant créée par un signal radio généré à faible puissance ;

- lorsque le noeud mobile (105) reçoit la balise, permettre au noeud mobile de s'apparier à l'appareil réseau ;

- lorsque le noeud mobile (105) est apparié à l'appareil réseau (125), un moyen pour mettre en avant une application du noeud mobile vers l'appareil réseau ; et

- permettre au noeud mobile (105) de communiquer sans fil au moins une opération de gestion à l'application mise en avant sur une courte distance, l'opération de gestion étant fournie à l'appareil réseau (125) en vue de l'exécution ; dans lequel le fait de permettre au noeud mobile (105) de communiquer sans fil avec l'appareil réseau (125) consiste en outre à authentifier un opérateur du noeud mobile.

Drawing